DETAILED ACTION

1. This office action is in response to Applicant's amendment filed on June 13,
2005. Claims 1-24 are pending.

Response to Arguments 

2. Applicant's arguments, see Remarks, filed June 13, 2005, have been considered 
but are not persuasive. In response to the arguments concerning the previously rejected 
claims, the following comments are made: 

The Applicant argues, "there is no notion of access control policies" by Bahlmann 
(U.S. Patent 6,487,594). The Examiner disagrees. Bahlmann discloses a Subscriber
Management System (SMS) database that represents the repository of subscriber 
specific data including name, address, billing information, etc. This information is used 
as access control by prohibiting unauthorized access to confidential data. (Col. 6, lines 
59-67 and Col. 7, lines 1-58) 

The Applicant argues, "there is no support for provisioning of mechanisms in the 
policies" by Moriconi et al. (U.S. Patent 6,158,010). The Examiner disagrees. Moriconi 
et al. disclose a system comprising policy manager located on a server for managing 
and distributing a local client policy based on a global security policy. (Col. 4, lines 19- 
22) Furthermore, Moriconi et al. disclose a policy manager manages and distributes a 
policy, a policy that is intended to specify the security requirements for applications and 
databases. In response to applicant's argument that the references fail to show certain 
features of applicant's invention, it is noted that the features upon which applicant relies 
(i.e., "reconfiguration of a policy when an operation is attempted") are not recited in the
rejected claim(s). Although the claims are interpreted in light of the specification,
limitations from the specification are not read into the claims. See In re Van Geuns, 988
F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993).

The Applicant argues "there is no support for reconciling group and local policies 
to determined a policy instance or checking compliance of a local policy with a policy 
instance". The Examiner disagrees. Bahlmann teaches a central database operable 
with each of the regional policy databases for providing central definitions to the Internet 
servers. (Col. 2, lines 10-12) The central definitions are equivalent to the group policy 
while regional policy is equivalent to local policies. Therefore, Bahlmann discloses 
reconciling group policy with local policy because the local management has to 
implement the centralized configuration that is provided by a central policy database 
(CPD). (Abstract) 

The Applicant argues Bahlmann fails to show "a group policy" and "to distribute a 
policy instance which defines a configuration of security-related services used to 
implement the session". The Examiner disagrees. Bahlmann distributes a group policy 
for providing centralized configuration (See Abstract) and discloses a Subscriber 
Management System (SMS) database that represents information used to implement 
security-related services. (Col. 6, lines 59-67 and Col. 7, lines 1-58) 

The Examiner disagrees with the applicant and maintains all rejections. All 
amendments and argument by the Applicant have been considered. It is the Examiner's 
conclusion that claims 1-24 are not patentably distinct or non-obvious over the prior art
of record in view of the references Bahlmann, Brownlie and Moriconi. Therefore, all the
rejections are maintained as given below.



Claim Rejections - 35 USC § 103 

3. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed 
or described as set forth in section 102 of this title, if the differences between the 
subject matter sought to be patented and the prior art are such that the subject 
matter as a whole would have been obvious at the time the invention was made 
to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was 
made. 

This application currently names joint inventors. In considering patentability of 
the claims under 35 U.S.C. 103(a), the examiner presumes that the subject matter of 
the various claims was commonly owned at the time any inventions covered therein 
were made absent any evidence to the contrary. Applicant is advised of the obligation 
under 37 CFR 1.56 to point out the inventor and invention dates of each claim that was
not commonly owned at the time a later invention was made in order for the examiner to 
consider the applicability of 35 U.S.C. 103(c) and potential 35 U.S.C. 102(e), (f) or (g) 
prior art under 35 U.S.C. 103(a). 

4. Claims 1-4, 8-11, 13-16 and 20-23 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Bahlmann United States Letter Patent Number 6,487,594 further in 
view of Brownlie et al. (hereinafter Brownlie) United States Letter Patent Number 
6,202,157. 
As per claims 1 and 13:

Bahlmann teaches a method and system for determining and enforcing security 
policy in a communication session for a group of participants, the method comprising: 

providing group and local policies wherein each local policy states a set of local 
requirements for the session for a participant and the group policy represents a set of 
conditional, security-relevant requirements to support the session; (Col. 1, lines 59-63; 
Col. 2, lines 64-65) 

generating a policy instance based on the group and local policies wherein the 
policy instance defines a configuration of security-related services used to implement
the session and rules used for authorization and access control of participants to the 
session; (Col. 2, lines 8-12 and lines 34-36) 

distributing the policy instance to the participants; (Col. 1, lines 64-67; Col. 3, 
lines 50-53) 

Bahlmann does not explicitly disclose analyzing the policy instance with respect 
to a set of correctness principles; and enforcing the security policy based on the rules 
throughout the session. 

Brownlie in analogous art, however, discloses analyzing the policy instance with 
respect to a set of correctness principles; (Col. 5, lines 31-38) and enforcing the security 
policy based on the rules throughout the session (Col. 5, lines 46-48). 

Therefore, it would have been obvious to a person having ordinary skill in the art
at the time the invention was made to modify the method and system disclosed by
Bahlmann to include analyzing the policy instance with respect to a set of correctness
principles; and enforcing the security policy based on the rules throughout the session.
This modification would have been obvious because a person having ordinary skill in
the art would have been motivated to do so, as suggested by Brownlie (Abstract) in
order to provide variable security policy rule data for distribution to network node
through central security policy rule data distribution source and enforce the policy rules.

Application/Control Number: 10/006,552
Art Unit: 2133

As per claims 2 and 14: 

Bahlmann and Brownlie teach all the subject matter as discussed above. In 
addition, Brownlie further discloses a method and system wherein the step of 
distributing includes the steps of authorizing a potential participant to participate in the 
session based on the rules and determining whether the potential participant has a right 
to view the security policy. (Col. 7, lines 8-15) 
As per claims 3 and 15: 

Bahlmann and Brownlie teach all the subject matter as discussed above. In 
addition, Brownlie further discloses a method and system wherein the step of analyzing 
verifies that the policy instance adheres to a set of principles defining legal construction 
and composition of the security policy. (Col. 5, lines 33-37) 
As per claims 4 and 16: 

Bahlmann and Brownlie teach all the subject matter as discussed above. In 
addition, Bahlmann further discloses a method and system wherein the step of 
generating includes the step of reconciling the group and local policies to obtain the 
policy instance which is substantially compliant with each of the local policies and 
wherein the policy instance identifies relevant requirements of the session and how the 
relevant requirements are mapped into the configuration. (Col. 2, lines 10-12; a central
policy database operable with each of the regional policy databases for providing 
central definitions to the Internet servers.) 
As per claims 8 and 20: 

Bahlmann and Brownlie teach all the subject matter as discussed above. In 
addition, Brownlie further discloses a method and system wherein the step of enforcing 
includes the steps of creating and processing events and. (Col. 6, lines 33-55) 
As per claims 9 and 21:

Bahlmann, Brownlie and Moriconi teach all the subject matter as discussed 
above. In addition, Brownlie further discloses a method and system wherein the step of 
enforcing includes delivering the events to security services via a real or software- 
emulated broadcast bus. (Col. 7, lines 58-64) 
As per claims 10 and 22: 

Bahlmann and Brownlie teach all the subject matter as discussed above. In 
addition, Brownlie further discloses a method and system wherein the step of creating 
events includes the step of translating application requests into the events. (Col. 6, lines 
33-55) 

As per claims 11 and 23:

Bahlmann and Brownlie teach all the subject matter as discussed above. In 
addition, Brownlie further discloses a method and system wherein the step of enforcing 
further includes the steps of creating and processing timers and messages. (Col. 7, 
lines 50-56) 
5. Claims 5-7, 12, 17-19 and 24 are rejected under 35 U.S.C. 103(a) as being
unpatentable over Bahlmann United States Letter Patent Number 6,487,594 further in 
view of Brownlie et al. (hereinafter Brownlie) United States Letter Patent Number 
6,202,157 and further in view of Moriconi et al. (hereinafter Moriconi) United States 
Patent Number 6,158,010. 
As per claims 5 and 17: 

Bahlmann and Brownlie teach all the subject matter as discussed above. Both 
references do not explicitly disclose a method and system comprising verifying that the 
policy instance complies with the set of local requirements stated in the local policies. 

Moriconi in analogous art, however, discloses verifying that the policy instance 
complies with the set of local requirements stated in the local policies. (Col. 4, lines 20- 
24) 

Therefore, it would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to modify the method and system disclosed by 
Bahlmann and Brownlie to include verifying that the policy instance complies with the 
set of local requirements stated in the local policies. This modification would have been 
obvious because a person having ordinary skill in the art would have been motivated to 
do so, as suggested by Moriconi (Col. 3, lines 44-45) in order to protect distributed
networks of enterprises against unauthorized access. 
As per claims 6 and 18: 

Bahlmann, Brownlie and Moriconi teach all the subject matter as discussed 
above. In addition, Brownlie further discloses a method and system comprising 
identifying parts of a local policy that are not compliant with the policy instance and
determining modifications required to make the local policy compliant with the policy 
instance. (Col. 7, lines 41-49) 
As per claims 7 and 19: 

Bahlmann, Brownlie and Moriconi teach all the subject matter as discussed 
above. In addition, Brownlie further discloses a method and system comprising 
preventing a potential participant from participating in the session if the policy instance 
does not comply with the set of local requirements of the potential participant. (Col. 7, 
lines 12-14) 

As per claims 12 and 24: 

Bahlmann and Brownlie teach all the subject matter as discussed above. Both 
references do not explicitly disclose a method and system wherein the set of local 
requirements specifies provisioning and access control policies. 

Moriconi in analogous art, however, discloses a set of local requirements 
specifies provisioning and access control policies. (Col. 4, lines 28-33) 

Therefore, it would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to modify the method and system disclosed by 
Bahlmann and Brownlie to include a set of local requirements specifies provisioning and 
access control policies. This modification would have been obvious because a person 
having ordinary skill in the art would have been motivated to do so, as suggested by
Moriconi (Abstract) in order to manage access to the securable components as 
specified by the local policy. 
6. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

7. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Shewaye Gelagay whose telephone number is 571-272- 
4219. The examiner can normally be reached on 8:00 am to 5:30 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Albert Decady can be reached on 571-272-3819. The fax phone number for 
the organization where this application or proceeding is assigned is 703-872-9306. 
Information regarding the status of an application may be obtained from the
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 



Shewaye Gelagay 
8/26/05 





SUPERVISORY PATENT EXAMINER
TECHNOLOGY CENTER 2100



